1/* SPDX-License-Identifier: GPL-2.0 */
2#ifndef _LINUX_USER_NAMESPACE_H
3#define _LINUX_USER_NAMESPACE_H
4
5#include <linux/kref.h>
6#include <linux/nsproxy.h>
7#include <linux/ns_common.h>
8#include <linux/sched.h>
9#include <linux/workqueue.h>
10#include <linux/rwsem.h>
11#include <linux/sysctl.h>
12#include <linux/err.h>
13
14#define UID_GID_MAP_MAX_BASE_EXTENTS 5
15#define UID_GID_MAP_MAX_EXTENTS 340
16
17struct uid_gid_extent {
18 u32 first;
19 u32 lower_first;
20 u32 count;
21};
22
23struct uid_gid_map { /* 64 bytes -- 1 cache line */
24 u32 nr_extents;
25 union {
26 struct uid_gid_extent extent[UID_GID_MAP_MAX_BASE_EXTENTS];
27 struct {
28 struct uid_gid_extent *forward;
29 struct uid_gid_extent *reverse;
30 };
31 };
32};
33
34#define USERNS_SETGROUPS_ALLOWED 1UL
35
36#define USERNS_INIT_FLAGS USERNS_SETGROUPS_ALLOWED
37
38struct ucounts;
39
40enum ucount_type {
41 UCOUNT_USER_NAMESPACES,
42 UCOUNT_PID_NAMESPACES,
43 UCOUNT_UTS_NAMESPACES,
44 UCOUNT_IPC_NAMESPACES,
45 UCOUNT_NET_NAMESPACES,
46 UCOUNT_MNT_NAMESPACES,
47 UCOUNT_CGROUP_NAMESPACES,
48 UCOUNT_TIME_NAMESPACES,
49#ifdef CONFIG_INOTIFY_USER
50 UCOUNT_INOTIFY_INSTANCES,
51 UCOUNT_INOTIFY_WATCHES,
52#endif
53#ifdef CONFIG_FANOTIFY
54 UCOUNT_FANOTIFY_GROUPS,
55 UCOUNT_FANOTIFY_MARKS,
56#endif
57 UCOUNT_COUNTS,
58};
59
60enum rlimit_type {
61 UCOUNT_RLIMIT_NPROC,
62 UCOUNT_RLIMIT_MSGQUEUE,
63 UCOUNT_RLIMIT_SIGPENDING,
64 UCOUNT_RLIMIT_MEMLOCK,
65 UCOUNT_RLIMIT_COUNTS,
66};
67
68#if IS_ENABLED(CONFIG_BINFMT_MISC)
69struct binfmt_misc;
70#endif
71
72struct user_namespace {
73 struct uid_gid_map uid_map;
74 struct uid_gid_map gid_map;
75 struct uid_gid_map projid_map;
76 struct user_namespace *parent;
77 int level;
78 kuid_t owner;
79 kgid_t group;
80 struct ns_common ns;
81 unsigned long flags;
82 /* parent_could_setfcap: true if the creator if this ns had CAP_SETFCAP
83 * in its effective capability set at the child ns creation time. */
84 bool parent_could_setfcap;
85
86#ifdef CONFIG_KEYS
87 /* List of joinable keyrings in this namespace. Modification access of
88 * these pointers is controlled by keyring_sem. Once
89 * user_keyring_register is set, it won't be changed, so it can be
90 * accessed directly with READ_ONCE().
91 */
92 struct list_head keyring_name_list;
93 struct key *user_keyring_register;
94 struct rw_semaphore keyring_sem;
95#endif
96
97 /* Register of per-UID persistent keyrings for this namespace */
98#ifdef CONFIG_PERSISTENT_KEYRINGS
99 struct key *persistent_keyring_register;
100#endif
101 struct work_struct work;
102#ifdef CONFIG_SYSCTL
103 struct ctl_table_set set;
104 struct ctl_table_header *sysctls;
105#endif
106 struct ucounts *ucounts;
107 long ucount_max[UCOUNT_COUNTS];
108 long rlimit_max[UCOUNT_RLIMIT_COUNTS];
109
110#if IS_ENABLED(CONFIG_BINFMT_MISC)
111 struct binfmt_misc *binfmt_misc;
112#endif
113} __randomize_layout;
114
115struct ucounts {
116 struct hlist_node node;
117 struct user_namespace *ns;
118 kuid_t uid;
119 atomic_t count;
120 atomic_long_t ucount[UCOUNT_COUNTS];
121 atomic_long_t rlimit[UCOUNT_RLIMIT_COUNTS];
122};
123
124extern struct user_namespace init_user_ns;
125extern struct ucounts init_ucounts;
126
127bool setup_userns_sysctls(struct user_namespace *ns);
128void retire_userns_sysctls(struct user_namespace *ns);
129struct ucounts *inc_ucount(struct user_namespace *ns, kuid_t uid, enum ucount_type type);
130void dec_ucount(struct ucounts *ucounts, enum ucount_type type);
131struct ucounts *alloc_ucounts(struct user_namespace *ns, kuid_t uid);
132struct ucounts * __must_check get_ucounts(struct ucounts *ucounts);
133void put_ucounts(struct ucounts *ucounts);
134
135static inline long get_rlimit_value(struct ucounts *ucounts, enum rlimit_type type)
136{
137 return atomic_long_read(v: &ucounts->rlimit[type]);
138}
139
140long inc_rlimit_ucounts(struct ucounts *ucounts, enum rlimit_type type, long v);
141bool dec_rlimit_ucounts(struct ucounts *ucounts, enum rlimit_type type, long v);
142long inc_rlimit_get_ucounts(struct ucounts *ucounts, enum rlimit_type type);
143void dec_rlimit_put_ucounts(struct ucounts *ucounts, enum rlimit_type type);
144bool is_rlimit_overlimit(struct ucounts *ucounts, enum rlimit_type type, unsigned long max);
145
146static inline long get_userns_rlimit_max(struct user_namespace *ns, enum rlimit_type type)
147{
148 return READ_ONCE(ns->rlimit_max[type]);
149}
150
151static inline void set_userns_rlimit_max(struct user_namespace *ns,
152 enum rlimit_type type, unsigned long max)
153{
154 ns->rlimit_max[type] = max <= LONG_MAX ? max : LONG_MAX;
155}
156
157#ifdef CONFIG_USER_NS
158
159static inline struct user_namespace *get_user_ns(struct user_namespace *ns)
160{
161 if (ns)
162 refcount_inc(r: &ns->ns.count);
163 return ns;
164}
165
166extern int create_user_ns(struct cred *new);
167extern int unshare_userns(unsigned long unshare_flags, struct cred **new_cred);
168extern void __put_user_ns(struct user_namespace *ns);
169
170static inline void put_user_ns(struct user_namespace *ns)
171{
172 if (ns && refcount_dec_and_test(r: &ns->ns.count))
173 __put_user_ns(ns);
174}
175
176struct seq_operations;
177extern const struct seq_operations proc_uid_seq_operations;
178extern const struct seq_operations proc_gid_seq_operations;
179extern const struct seq_operations proc_projid_seq_operations;
180extern ssize_t proc_uid_map_write(struct file *, const char __user *, size_t, loff_t *);
181extern ssize_t proc_gid_map_write(struct file *, const char __user *, size_t, loff_t *);
182extern ssize_t proc_projid_map_write(struct file *, const char __user *, size_t, loff_t *);
183extern ssize_t proc_setgroups_write(struct file *, const char __user *, size_t, loff_t *);
184extern int proc_setgroups_show(struct seq_file *m, void *v);
185extern bool userns_may_setgroups(const struct user_namespace *ns);
186extern bool in_userns(const struct user_namespace *ancestor,
187 const struct user_namespace *child);
188extern bool current_in_userns(const struct user_namespace *target_ns);
189struct ns_common *ns_get_owner(struct ns_common *ns);
190#else
191
192static inline struct user_namespace *get_user_ns(struct user_namespace *ns)
193{
194 return &init_user_ns;
195}
196
197static inline int create_user_ns(struct cred *new)
198{
199 return -EINVAL;
200}
201
202static inline int unshare_userns(unsigned long unshare_flags,
203 struct cred **new_cred)
204{
205 if (unshare_flags & CLONE_NEWUSER)
206 return -EINVAL;
207 return 0;
208}
209
210static inline void put_user_ns(struct user_namespace *ns)
211{
212}
213
214static inline bool userns_may_setgroups(const struct user_namespace *ns)
215{
216 return true;
217}
218
219static inline bool in_userns(const struct user_namespace *ancestor,
220 const struct user_namespace *child)
221{
222 return true;
223}
224
225static inline bool current_in_userns(const struct user_namespace *target_ns)
226{
227 return true;
228}
229
230static inline struct ns_common *ns_get_owner(struct ns_common *ns)
231{
232 return ERR_PTR(-EPERM);
233}
234#endif
235
236#endif /* _LINUX_USER_H */
237

source code of linux/include/linux/user_namespace.h